riseup-squad18/MEDICONNECT 2/netlify/functions/doctor-exceptions.ts

/**
 * Netlify Function: doctor-exceptions
 *
 * Proxy para operações de exceções na agenda dos médicos
 * GET: Lista exceções
 * POST: Criar exceção
 * DELETE: Deletar exceção
 */

const SUPABASE_URL = "https://yuanqfswhberkoevtmfr.supabase.co";
const SUPABASE_API_KEY =
  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl1YW5xZnN3aGJlcmtvZXZ0bWZyIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NTQ5NTQzNjksImV4cCI6MjA3MDUzMDM2OX0.g8Fm4XAvtX46zifBZnYVH4tVuQkqUH6Ia9CXQj4DztQ";

export default async (req: Request) => {
  // Permitir CORS
  if (req.method === "OPTIONS") {
    return new Response(null, {
      status: 204,
      headers: {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Methods": "GET, POST, PATCH, DELETE, OPTIONS",
        "Access-Control-Allow-Headers": "Content-Type, Authorization",
      },
    });
  }

  try {
    const url = new URL(req.url);
    const authHeader = req.headers.get("Authorization");

    // Extrair ID do path se existir
    const pathParts = url.pathname.split("/");
    const exceptionId = pathParts[pathParts.length - 1];

    // GET: Listar exceções
    if (req.method === "GET") {
      const select = url.searchParams.get("select") || "*";
      const doctor_id = url.searchParams.get("doctor_id");
      const date = url.searchParams.get("date");

      const queryParams = new URLSearchParams();
      queryParams.append("select", select);
      if (doctor_id) queryParams.append("doctor_id", `eq.${doctor_id}`);
      if (date) queryParams.append("date", `eq.${date}`);

      const supabaseUrl = `${SUPABASE_URL}/rest/v1/doctor_exceptions?${queryParams}`;

      const headers: HeadersInit = {
        apikey: SUPABASE_API_KEY,
        "Content-Type": "application/json",
      };

      if (authHeader) {
        headers["Authorization"] = authHeader;
      }

      const response = await fetch(supabaseUrl, {
        method: "GET",
        headers,
      });

      const data = await response.json();

      return new Response(JSON.stringify(data), {
        status: response.status,
        headers: {
          "Content-Type": "application/json",
          "Access-Control-Allow-Origin": "*",
        },
      });
    }

    // POST: Criar exceção
    if (req.method === "POST") {
      const body = await req.json();

      const supabaseUrl = `${SUPABASE_URL}/rest/v1/doctor_exceptions`;

      const headers: HeadersInit = {
        apikey: SUPABASE_API_KEY,
        "Content-Type": "application/json",
        Prefer: "return=representation",
      };

      if (authHeader) {
        headers["Authorization"] = authHeader;
      }

      const response = await fetch(supabaseUrl, {
        method: "POST",
        headers,
        body: JSON.stringify(body),
      });

      const data = await response.json();

      return new Response(JSON.stringify(data), {
        status: response.status,
        headers: {
          "Content-Type": "application/json",
          "Access-Control-Allow-Origin": "*",
        },
      });
    }

    // DELETE: Deletar exceção
    if (req.method === "DELETE") {
      if (!exceptionId || exceptionId === "doctor-exceptions") {
        return new Response(
          JSON.stringify({ error: "Exception ID is required" }),
          {
            status: 400,
            headers: {
              "Content-Type": "application/json",
              "Access-Control-Allow-Origin": "*",
            },
          }
        );
      }

      const supabaseUrl = `${SUPABASE_URL}/rest/v1/doctor_exceptions?id=eq.${exceptionId}`;

      const headers: HeadersInit = {
        apikey: SUPABASE_API_KEY,
        "Content-Type": "application/json",
      };

      if (authHeader) {
        headers["Authorization"] = authHeader;
      }

      const response = await fetch(supabaseUrl, {
        method: "DELETE",
        headers,
      });

      return new Response(null, {
        status: response.status,
        headers: {
          "Access-Control-Allow-Origin": "*",
        },
      });
    }

    // Método não suportado
    return new Response(JSON.stringify({ error: "Method not allowed" }), {
      status: 405,
      headers: {
        "Content-Type": "application/json",
        "Access-Control-Allow-Origin": "*",
      },
    });
  } catch (error) {
    console.error("Error in doctor-exceptions function:", error);
    return new Response(
      JSON.stringify({
        error: "Internal server error",
        details: error instanceof Error ? error.message : "Unknown error",
      }),
      {
        status: 500,
        headers: {
          "Content-Type": "application/json",
          "Access-Control-Allow-Origin": "*",
        },
      }
    );
  }
};